Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
EUVDB-ID: #VU83416
Risk: Low
CVSSv3.1: 4.5 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-44318
CWE-ID:
CWE-321 - Use of Hard-coded Cryptographic Key
Exploit availability: No
DescriptionThe vulnerability allows a remote user to compromise the target system.
The vulnerability exists due to the usage a hardcoded key to obfuscate the configuration backup that an administrator can export from the device. A remote administrator can obtain a configuration backup to extract configuration information from the exported file.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsSCALANCE S615 EEC: All versions
SCALANCE MUM856-1 (RoW): All versions
SCALANCE MUM856-1 (EU): All versions
SCALANCE MUM853-1 (EU): All versions
SCALANCE M876-4 (NAM): All versions
SCALANCE M876-4 (EU): All versions
SCALANCE M876-3 (ROK): All versions
SCALANCE M876-3 (EVDO): All versions
RUGGEDCOM RM1224 LTE(4G) NAM: All versions
RUGGEDCOM RM1224 LTE(4G) EU: All versions
SCALANCE M876-4: All versions
SCALANCE M874-3: All versions
SCALANCE M874-2: All versions
SCALANCE M826-2 SHDSL-Router: All versions
SCALANCE M816-1 ADSL-Router (Annex B): All versions
SCALANCE M816-1 ADSL-Router (Annex A): All versions
SCALANCE M812-1 ADSL-Router (Annex B): All versions
SCALANCE M812-1 ADSL-Router (Annex A): All versions
SCALANCE M804PB: All versions
SCALANCE S615: All versions
External linkshttp://cert-portal.siemens.com/productcert/txt/ssa-180704.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU83418
Risk: Low
CVSSv3.1: 4 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-44320
CWE-ID:
CWE-425 - Direct Request ('Forced Browsing')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to improper authentication when performing certain modifications in the web interface. A remote user can influence the user interface configured by an administrator.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsSCALANCE S615 EEC: All versions
SCALANCE MUM856-1 (RoW): All versions
SCALANCE MUM856-1 (EU): All versions
SCALANCE MUM853-1 (EU): All versions
SCALANCE M876-4 (NAM): All versions
SCALANCE M876-4 (EU): All versions
SCALANCE M876-3 (ROK): All versions
SCALANCE M876-3 (EVDO): All versions
RUGGEDCOM RM1224 LTE(4G) NAM: All versions
RUGGEDCOM RM1224 LTE(4G) EU: All versions
SCALANCE M876-4: All versions
SCALANCE M874-3: All versions
SCALANCE M874-2: All versions
SCALANCE M826-2 SHDSL-Router: All versions
SCALANCE M816-1 ADSL-Router (Annex B): All versions
SCALANCE M816-1 ADSL-Router (Annex A): All versions
SCALANCE M812-1 ADSL-Router (Annex B): All versions
SCALANCE M812-1 ADSL-Router (Annex A): All versions
SCALANCE M804PB: All versions
SCALANCE S615: All versions
External linkshttp://cert-portal.siemens.com/productcert/txt/ssa-180704.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU83420
Risk: Low
CVSSv3.1: 2.5 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-44321
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote administrator can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsSCALANCE S615 EEC: All versions
SCALANCE MUM856-1 (RoW): All versions
SCALANCE MUM856-1 (EU): All versions
SCALANCE MUM853-1 (EU): All versions
SCALANCE M876-4 (NAM): All versions
SCALANCE M876-4 (EU): All versions
SCALANCE M876-3 (ROK): All versions
SCALANCE M876-3 (EVDO): All versions
RUGGEDCOM RM1224 LTE(4G) NAM: All versions
RUGGEDCOM RM1224 LTE(4G) EU: All versions
SCALANCE M876-4: All versions
SCALANCE M874-3: All versions
SCALANCE M874-2: All versions
SCALANCE M826-2 SHDSL-Router: All versions
SCALANCE M816-1 ADSL-Router (Annex B): All versions
SCALANCE M816-1 ADSL-Router (Annex A): All versions
SCALANCE M812-1 ADSL-Router (Annex B): All versions
SCALANCE M812-1 ADSL-Router (Annex A): All versions
SCALANCE M804PB: All versions
SCALANCE S615: All versions
External linkshttp://cert-portal.siemens.com/productcert/txt/ssa-180704.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.